{"id":25302,"date":"2017-03-14T13:00:04","date_gmt":"2017-03-14T20:00:04","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=25302"},"modified":"2017-03-15T09:21:24","modified_gmt":"2017-03-15T16:21:24","slug":"cso-lets-not-leave-new-uk-nca-ncsc-cyberthreat-report-shelf","status":"publish","type":"post","link":"https:\/\/www2.paloaltonetworks.com\/blog\/2017\/03\/cso-lets-not-leave-new-uk-nca-ncsc-cyberthreat-report-shelf\/","title":{"rendered":"Let's Not Leave the New UK NCA and NCSC Cyberthreat Report on the Shelf"},"content":{"rendered":"<p>Today, two of the most important agencies working on cybersecurity in the UK issued their latest assessment of the cyberthreat to business. The report by the National Crime Agency (NCA) and the newly formed National Cyber Security Centre (NCSC) judges the threat to business as serious and growing, with particular concern about the prevalence of ransomware.<\/p>\n<h3>Don\u2019t Just Listen \u2013 Act<\/h3>\n<p>A joint report from these two bodies is extremely influential in educating organisations and changing the debate around threats to one that encourages organisations to embrace cybersecurity and adopt a preventative posture. If embraced properly, it can contribute to how businesses, governmental bodies and everyday users keep closer pace with the threats they face today.<\/p>\n<p>But for the NCA and NCSC report to have impact, people and organisations must take this broad insight and personalise it, not just file it for future reference. This entails looking at which elements are relevant to them and what personal or business impact it would have, so organisations and individuals can take appropriate steps to manage the risks.<\/p>\n<p>There is context for this to happen, of course. 
While the EU General Data Protection Regulation comes into force in 2018 and codifies the need for ongoing assessment of the risks and application of relevant state-of-the-art cybersecurity controls, businesses and users should be applying these principles today.<\/p>\n<h3>Ransomware Is Growing and Evolving \u2013 Businesses Must Keep Pace<\/h3>\n<p>Notwithstanding the report\u2019s warnings, ransomware is still in its relative infancy, yet its evident scope to impact all organisations, rather than just such traditional targets of cybercrime as financial services, means we should expect it to grow. In the last year, with <a href=\"https:\/\/www.paloaltonetworks.com\/blog\/2016\/12\/unit42-samsa-ransomware-attacks-year-review\/\">SamSa<\/a>, we have seen ransomware start to leverage targeted techniques, which have been developed in previous years by nation-state attacks. Most recently, new variants, like <a href=\"https:\/\/www.paloaltonetworks.com\/blog\/2017\/03\/unit42-targeted-ransomware-attacks-middle-eastern-government-organizations-political-purposes\/\">RanRan<\/a>, have broadened beyond just financial motives to include political motives that blackmail victims into completing the requests to drive propaganda. In today\u2019s increasingly digitally dependent world, businesses should be cognizant of these trends. Strategies built on preventing attacks, rather than just cleaning up afterwards, are essential to significantly reduce these threats.<\/p>\n<p>No report\u2019s findings in the field of assessing cybercrime are ever going to be fixed. Quite simply, we need to operate on the principle that threats keep on evolving. It\u2019s important to apply this maxim, not just to how cyberattackers are changing approaches, but also to how our own use of technology to make our organisations function and flourish is evolving. 
As such, we must regularly review where and how cyberthreat information is shared.<\/p>\n<p>According to the report, the rapid adoption of business and consumer cloud services and devices, such as wearables that share information, can provide attackers with insight into our lifestyles that could be used against us. But it is equally important to focus on how these could be sources to tap into business data that may not be recognized as a threat. For example, while many businesses have significant controls around their core data centers, cloud storage can be a weak point, with businesses often not clear on where and why it is being used.<\/p>\n<p>Stealing genuine credentials is still one of the most common motives for attackers, as with these, an adversary can bypass the entire attack lifecycle by impersonating a valid user, move uninterrupted throughout the organization's network, and shift to the abuse of credentials from within. Where data is stored outside the business, credential misuse can often go undetected. Cyber risk prevention must start with visibility of your continually evolving IT space and examining where you can reduce your risks by reducing the potential attack surface you expose.<\/p>\n<h3>Industry Collaboration Is Key<\/h3>\n<p>As government bodies collaborate more closely, so should our industry. In recent years, CISP has been a great initiative for cyberthreat intelligence sharing between UK organizations. It is also great to see how the Cyber Threat Alliance is driving collaboration between security vendors to better work together and automate sharing. Importantly, this is not just the sharing of threats that are seen, but also the blocking of controls and context about the attackers.<\/p>\n<p>Returning to the goals of the NCSC, the forces of collaboration, crowdsourcing intelligence and cybersecurity computer power are going to be critical to success in fighting the threats we face. 
Like any movement for change, it\u2019s essential to begin at the grass roots, getting every business and indeed individual to recognize their role and responsibility, and what value they add to the process of prevention. The more we can work together, the more we can move unknown high-risk attacks into known attacks that are prevented or contained effectively. The role of vendors like Palo Alto Networks is to simplify this process, so cybersecurity and prevention are instinctive, even automatic, behaviours in how we run our economy and live our lives digitally.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In the wake of new reports from the UK\u2019s National Crime Agency and National Cyber Security Center, Palo Alto Networks EMEA CSO Greg Day encourages organizations to embrace cybersecurity and adopt a preventative posture towards threats. <\/p>\n","protected":false},"author":150,"featured_media":20190,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1766],"tags":[432,3396,1871],"coauthors":[1466],"class_list":["post-25302","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cso-perspective","tag-emea","tag-nca","tag-ncsc"],"jetpack_featured_media_url":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-content\/uploads\/2016\/09\/CSO-web-banner-650x300.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/25302","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/150"}],"replies":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=25302"}],"version-history":[{"count":2,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/25302\/revisions"}],"predecessor-version":[{"id":25368,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/25302\/revisions\/25368"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/
wp-json\/wp\/v2\/media\/20190"}],"wp:attachment":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=25302"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=25302"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=25302"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=25302"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}